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IN THE CLAIMS: 
1 -35. (cancelled). 

36. (new) A method of revoking a host device, comprising: 

receiving at a storage engine a certificate from the host device, the certificate 
containing a digital signature; 

authenticating the digital signature; 

receiving at the storage engine a file request from the host device, the file request 
being directed to a file stored on a storage medium accessible to the storage engine; 

reading a revocation file associated with the file from the storage medium, the 
revocation file containing at least one rule, the at least one rule associating data in the 
revocation file with data in certificate; 

applying the at least one rule on the data in the revocation file and the associated data 
in the certificate; and 

if the application of the at least one rule provides a failing result, denying the file 
request, 

37. (new) The method of claim 36, wherein the at least one rule comprises a plurality of rules. 

38. (new) The method of claim 36, wherein the storage medium is an optical disk. 

39. (new) The method of claim 36, wherein the application of the at least one rule act 
comprises matching the data in the revocation file with the data in the certificate. 
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40. (new) The method of claim 36, further comprising: if the application of the at least one 
rule provides a succesful result, granting the file request. 

4L (new) A storage engine, comprising: 

authentication means for authenticating a digital signature contained in a certificate 
from a host device, and 

file request response means for responding to file requests from the host device, each 
file request identifying a particular file, the file request response means being responsive to 
file requests only if the authentication means authenticates the digital signature, the file 

I request response means being configured to read a revocation file associated with the 
particular file identified by the file request, the revocation file containing at least one rule, the 
at least one rule associating data in the revocation file with data in certificate, the file request 
response means being configured to apply the at least one rule on the data in the revocation 
file and the associated data in the certificate; the file request response means being configured 
to deny the file request if the application of the at least one rule provides a failing response. 

41 . (new) The storage engine of claim 40, wherein the application of the at least one rule 
comprises matching the data in the revocation file with the data in the certificate 
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